Commit Graph

21412 Commits

Author SHA1 Message Date
John Maguire b88ddb8f9f
update goldenfile checker for running in ent repo (#21617) 2024-08-19 18:14:13 +00:00
John Maguire bc4c479a31
[NET-10737] Add CI Checks for Generated Testdata (#21613)
* Add checks to CI to ensure that generated golden files for xds tests are up to date

* fix file permissions

* debugging

* more debugging

* more debugging

* more debugging

* more debugging

* I can't type

* this might be correct

* removing debug prints
2024-08-19 11:49:05 -04:00
John Murret f76da16000
Fix TestDNS_ServiceLookup_ARecordLimits so that it only creates test agents the minimal amount of time (#21608)
* get rid of unused column

* get rid of duplicate section now that deletion of unused column makes the section duplicate..

* explicit set protocol rathern than infer it in checkDNSService

* explicit have attribute for whether to set EDNS0 in the test cases  rathern than infer it in checkDNSService

* now modify so that test agents are only created for each unique configuration which is based on the a_record_limit.

* Fix TestDNS_ServiceLookup_AnswerLimits  so that it only creates test agents the minimal amount of time. (#21609)

Fix TestDNS_ServiceLookup_AnswerLimits  so that it only creates test agents the minimal amount of time
2024-08-15 18:09:09 +00:00
danielehc e2bb1b76cc
CE-657 - Move Application leader election tutorial to docs (#21366)
* First commit

* Fix navigation

* Add some commands

* Structure draft

* Complete usage doc structure

* Fix link

* Apply suggestions from code review

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Apply suggestions from code review

* Replace tutorial path

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
2024-08-15 09:07:30 +02:00
John Maguire 58fad92cd3
fix where jwt clusters are generated (#21606) 2024-08-14 20:03:00 +00:00
John Maguire 1fa428552b
[NET-10719] Fix cluster generation for jwt clusters for external jwt providers (#21604)
* Fix cluster generation for jwt clusters for external jwt providers

* add changelog
2024-08-14 15:41:02 -04:00
John Maguire 8555404662
[NET-10733] fix generation of xds resources (#21603)
fix generation of xds resources
2024-08-14 15:00:00 -04:00
Michael Zalimeni a570858a35
docs: Update compatibility.mdx for OpenShift (#21600)
Remove note that OpenShift 4.16 is not yet available, now that it's been released.

It will be added to the matrix in a future update once we've tested compatibility across eligible `consul-k8s` versions.
2024-08-14 12:59:13 -04:00
John Murret dcad90639f
NET-10685 - Remove dns v2 code (#21598)
* NET-10685 - Remove dns v2 code

* adding missing erro

* add missing license info.
2024-08-13 16:53:48 -06:00
danielehc 89618f9e37
CE-655 - Moving DNS forwading tutorial to docs (#21348)
* First commit

* Add page to navigation

* test new doc page

* Update website/content/docs/services/discovery/dns-forwarding.mdx

* Update website/content/docs/services/discovery/dns-forwarding.mdx

* fix push build atttempt

* Draft

* Draft

* empty line

* Draft

* empty lines

* Draft

* First draft

* Create documentation for Argo Rollouts Plugin. (#20680)

* Create documentation for Argo Rollouts Plugin.

* Create documentation for Argo Rollouts Plugin.

* Apply suggestions from code review

Co-authored-by: David Yu <dyu@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update docs based on feedback

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx

* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>

* Split content and add images

* Fix navigation

* Add links and context

* Restructure changes

* Fix enable documentation

* Fix enable documentation

* Fix index documentation

* Add troubleshooting and fix codeblocks

* Add troubleshooting and fix codeblocks

* Typos and last checks

* Apply suggestions from code review

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/services/discovery/dns-forwarding/enable.mdx

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Add dark mode images

* Add dark mode images

* Apply suggestions from code review

---------

Co-authored-by: boruszak <jeffrey.boruszak@hashicorp.com>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
2024-08-13 14:52:12 +02:00
sarahalsmiller 929d602dbb
ui: Upgrade d3 packages to update color dependency (#21588)
* upgrade d3 packages to update color dependency

* yarn package bump

* deps moved into devdeps

---------

Co-authored-by: Phil Renaud <phil@riotindustries.com>
2024-08-12 09:52:16 -04:00
sarahalsmiller 779d3c3eda
Suppress CVE-2024-7264 (#21590)
supress curl error
2024-08-07 20:55:48 +00:00
John Murret c526659b7f
NET-10610 - stop logging no data as errors in DNS lookups (#21578) 2024-08-01 11:23:19 -06:00
Michael Zalimeni 588730c49f
ci: use workflow-scoped GH PAT for backports (#21570)
This is necessary to allow backporting changes to GHA workflows, and
mirrors the token use in the CE->Ent merge workflow.
2024-07-30 16:34:40 -04:00
Michael Zalimeni 01ae0d3d38
ci: Update backport-assistant to 0.4.4 (#21572)
Update backport-assistant to 0.4.4
2024-07-30 16:20:41 -04:00
Krastin Krastev bbc5229362
docs: Clarify cluster peering vs WAN federation comparison (#21568)
cluster peering: remove shared KV store bulletpoint
2024-07-30 16:24:25 +03:00
John Maguire e601d7e0e9
[NET-7787] Update JWT docs for APIGateway (#20800)
* Update k8s docs

* Update jwt docs with examples

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update docs to follow style guide, use CodeBlockConfig, remove section
to apply the configuration for k8s docs

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-vms.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-vms.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/connect/gateways/api-gateway/secure-traffic/verify-jwts-k8s.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-24 17:56:44 +00:00
Krastin Krastev 5a74bb6d5a
docs/WAF: failure zones refresh (#21545)
* failure zones initial commit

* Apply suggestions from code review

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>

* Update improving-consul-resilience.mdx

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>

* typo

* adding diagrams

* fixing inline bulletpoint image

* adding light and dark diagrams

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* fix links in article

* fix inline alert render

---------

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
Co-authored-by: danielehc <40759828+danielehc@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-22 16:43:36 +03:00
Aimee Ukasick 654528ca60
DOCS: CE-556 Add partition parameter to API endpoint docs (#21374)
* CD-556 rename partition partial that's only used in CLI

Update CLI pages for partial rename

API: Add partial for partition as body option
API: Add partial for partition as query parameter

Update API peering and members pages

* acl/auth-methods.mdx

Update partition partials to be generic

* binding-rules.mdx, policies.mdx

* roles.mdx, templated-policies.mdx

* tokens.mdx, catalog.mdx, config.mdx, intentions.mdx

* service.mdx, exported-services.mdx, kv.mdx, namespaces.mdx

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Add partial to acl/auth-methods.mdx

Fix headings indent in a few files.

* Update website/content/api-docs/acl/auth-methods.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-18 12:02:45 -05:00
Nathan Coleman a9d92d020d
Add changelog entries for 1.15.13, 1.17.6, 1.18.3 and 1.19.1 (#21539) 2024-07-11 10:15:22 -05:00
John Maguire c0faddbe1f
[NET-10246] use correct enterprise meta for service name for LinkedService (#21382)
* use correct enterprise meta for service name for LinkedService

* add changelog
2024-07-10 10:55:53 -04:00
Nathan Coleman bc6e889eef
Use vault.centos.org instead of mirror.centos.org (#21530)
The latter is no longer resolvable since CentOS 7 is EOL
2024-07-09 14:58:22 -04:00
Nathan Coleman ab3d5c74ab
Use debian:12 instead of centos:7 for artifact verification (#21527)
CentOS 7 has entered End of Life as of June 30, 2024. Debian 12 is available from Docker and offers linux/386 architecture support
2024-07-09 16:21:51 +00:00
Nathan Coleman 8d2370da76
[NET-10290] Update ENVOY_VERSIONS (#21524)
* [NET-10290] Update ENVOY_VERSIONS

* Add changelog entry

* Link to CVE for more info in changelog entry

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>

---------

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
2024-07-08 18:59:51 -04:00
Phil Renaud dce6241869
[ui] File-specified deps for consul-ui (#21378)
* Namespaced and file-specified deps

* Pinning to a specific version of tailwind and setting config for js packages to come from npmjs

* Pin glob instead of reverting tailwind or any other (grand)parent dependency

* ember-cli-build fixed path resolution for now-namespaced submodules

* Dropping the namespace prefix and relying on relative pathing
2024-07-08 16:36:29 -04:00
Dan Stough a251f8ad80
fix(dns): spam ttl logs for prepared queries (#21381) 2024-07-08 10:34:00 -04:00
Michael Zalimeni 40ca4ad6d0
[NET-5622] build: consolidate Envoy version management (#21245)
* build: consolidate Envoy version management

Simplify Envoy version management by consolidating all runtime, build,
and CI sources of Envoy versions into a single plaintext file.

The goal of this change is to avoid common mistakes missing an update of
some Envoy versions (both in general and due to release branch
inconsistency), and enable automated Envoy version updates in the
future.

* ci: add missing ref argument for get-go-version

Supports nightly tests.
2024-07-05 14:19:23 -05:00
Dan Stough 763cd0bffb
fix(txn): validate verbs (#21519)
* fix(txn): validate verbs

* changelog
2024-07-05 14:51:20 -04:00
Maciej Lisowski b3f15b91d3
docs: Remove duplicate 'to' word (#21222)
Signed-off-by: Maciej Lisowski <macieejl00@gmail.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-07-03 14:43:29 -07:00
sarahalsmiller f3649e16a7
NET-10288-Bump-go-to-resolve-CVE-2024-24791 (#21507)
* bump go version

* changelog

* Update .changelog/21507.txt

* Update go.mod

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>

* go mod tidy

---------

Co-authored-by: Deniz Onur Duzgun <59659739+dduzgun-security@users.noreply.github.com>
2024-07-03 12:47:20 -05:00
Kiran Naidoo 88bade6cc0
security: fix AliasCheck panic (update) (#21510)
Updated `checkServiceExistsOnRemoteServer` to ensure there are services
returned from the specified node before proceeding with the service
matcher.
2024-07-03 10:48:08 -04:00
sarahalsmiller 6f31bfebbe
Update retryable-http-client to resolve CVE-2024-6104 (#21384)
* update retryable-http-client

* changelog
2024-07-02 10:12:13 -05:00
Dan Stough cec66f0743
build: cross compile darwin builds (#21326) 2024-06-26 16:13:57 +00:00
Dan Stough a4a3aec567
fix(dns): bug with standard lookup tags not working; SRV questions returning duplicate hostnames (#21361) 2024-06-25 13:42:25 -04:00
David Yu a04cc5aeae
docs: Add argo rollouts to 1.19.x release notes (#21363)
* Update v1_19_x.mdx

* Update website/content/docs/release-notes/consul/v1_19_x.mdx

* Update v1_5_x.mdx

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-06-25 16:12:33 +00:00
Ashwin Venkatesh 596a4cd4c5
Create documentation for Argo Rollouts Plugin. (#20680)
* Create documentation for Argo Rollouts Plugin.

* Create documentation for Argo Rollouts Plugin.

* Apply suggestions from code review

Co-authored-by: David Yu <dyu@hashicorp.com>

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update docs based on feedback

* Apply suggestions from code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx

* Update website/content/docs/k8s/deployment-configurations/argo-rollouts-configuration.mdx

---------

Co-authored-by: David Yu <dyu@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com>
2024-06-24 16:32:52 -07:00
Michael Zalimeni 830d1bf77f
ci: fix file parsing in conditional-skip script (#21343)
Ensure files are split rather than compared as a single list for
accuracy and easier debugging.

Also adopt minor changes and file name from introduction of similar
check `consul-dataplane` and `consul-k8s` for clarity.
2024-06-18 15:38:35 -04:00
Michael Zalimeni a16bfc6a3c
ci: skip 1.18 nightly int tests on CE (#21349)
This version is no longer active in CE.
2024-06-18 15:08:42 -04:00
sarahalsmiller c18c911ac8
[Security] Close cross scripting vulnerability (#21342)
* close vulnerability

* add changelog
2024-06-17 13:54:37 -04:00
Deniz Onur Duzgun 7a19d2e7a4
security: fix AliasCheck panic (#21339)
* security: fix AliasCheck panic

* add changelog
2024-06-14 11:03:10 -04:00
Dan Stough 6302ef31fc
docs: known issue with v2dns SRV requests (#21331)
* docs: known issue with v2dns SRV requests

* Update website/content/docs/release-notes/consul/v1_19_x.mdx

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

---------

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2024-06-14 10:47:43 -04:00
Michael Zalimeni 78715ef718
docs: simplify Envoy version support docs (#21295)
Consistently use `.x` to denote implicit support for Envoy minor
versions under a supported major version unless otherwise noted.

This will clarify for operators that we support new Envoy minor versions
without requiring a docs update on each new release, and will reduce the
maintenance burden for these docs going forward.
2024-06-13 16:10:59 -04:00
Dan Stough 45cb834185
docs: k8s updates for the 1.5.0 release (#21329) 2024-06-13 15:45:55 -04:00
Jeff Boruszak 895e7f86f3
docs: v1.19 corrections (#21324)
* release notes

* Usage pages fixes
2024-06-13 10:14:57 -07:00
Jeff Boruszak e9c983f361
docs: consul-k8s v1.5.0 release notes (#21320)
* consul-k8s 1.5.0 release notes

* Nav Entry

* Envoy version bumps

* Version updates/corrections

* external crd description update
2024-06-12 14:44:35 -07:00
Dan Stough 28c5eaf997
chore: update versions.hcl for 1.19.0 release (#21319) 2024-06-12 17:29:50 +00:00
Dan Stough e0ef346613
docs: update changelog.md for 1.19.0 (#21317) 2024-06-12 16:51:38 +00:00
Jeff Boruszak ed962e8b5e
docs: External CRD fast follow (#21313)
* ESM

* TGW note
2024-06-12 08:50:29 -07:00
Jeff Boruszak bba8dcba80
docs: Consul v1.19 Release Notes (#21279)
* Initial release notes

* Draft of release notes

* spacing fix

* Apply suggestions from code review

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>

* Update website/content/docs/release-notes/consul/v1_19_x.mdx

---------

Co-authored-by: Aimee Ukasick <aimee.ukasick@hashicorp.com>
2024-06-11 20:25:18 +00:00
Nathan Coleman 14e409ef54
Configure linter to forbid use of html/template (#21307)
* Configure linter to forbid use of html/template

We should never use html/template due to the performance penalty and the fact that we are highly unlikely to ever be generating HTML templates.

* Link to PR explaining the format of forbidigo.forbid
2024-06-11 16:17:12 -04:00